Malware Analyst

New York City, NY (Brooklyn, NY 11201)

Posted 1 week ago

OTI oversees all Citywide technology, privacy, cybersecurity, infrastructure, and telecommunications to ensure the security of, and enhance, City operations and service delivery to New York City's residents, businesses, employees, and visitors. As the City's technology and innovation leader, OTI is responsible for operating, maintaining and securing IT infrastructure and systems that touch every aspect of City life, from public safety to human services, from education to economic development, crossing the full spectrum of governmental operations.

At OTI, we offer great benefits, and the chance to work on projects that have a meaningful impact on millions of people. You'll have the opportunity to work with cutting-edge technology, transition our existing data infrastructure to a cloud-centric platform, and collaborate with other passionate professionals who share your drive and commitment to making a difference through technology.

About New York City Cyber Command

The New York City Office of Technology and Innovation (OTI) Cyber Command is committed to protecting City systems and technology infrastructure that provide and enable vital services to New Yorkers from cyber threats, and helping residents become safer in their digital lives.

As the organization defending the largest municipality in the country, OTI Cyber Command is charged with directing citywide incident response, setting citywide cybersecurity policies and standards and working with city agencies to strengthen their cyber defenses.

Mission Statement

"To lead and execute an innovative, intelligence-driven, risk-informed cyber defense and response strategy -- with the support of key partners and allies -- that enables the city government to properly function and provide services to New Yorkers".

Vision Statement

"New York City the most cyber-resilient city in the world"

Job Description

The Malware Analyst within OTI Cyber Command will specialize in malware analysis, threat actor campaign assessment, and correlation of threat actors to the analyzed malware. When not analyzing malware, the analyst will be expected to perform job functions similar to those of members of the Computer Emergency Response, which include: building automation workflows and playbooks that promote malware analysis and enable analysts to efficiently scan and review the results of dynamic analysis; enhancing and building the malware analysis program at NYC3; and building security content from analyzed malicious data found both internally and in the wild.

Responsibilities for the Malware Analyst position will include, but are not limited to, the following:

  • Conduct malware analysis and reverse engineering on suspicious code, and produce a detailed report of the findings;

  • Research malware families and variants to distill common characteristics and behaviors;

  • Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures;

  • Review threat information, maintain a threat repository with tagged malware samples and develop a process on archiving and updating this repository;

  • Perform static code analysis and dynamic analysis with a focus on extracting identifiable behaviors that can be used to inform analytic development efforts and the NYC3 defensive posture;

  • Analyze malware obtained from internal and external sources to extract identifiable behaviors and inform analytic development efforts and the NYC3 defensive posture;

  • Partner with SOC and Counter Threat Intelligence (CTI) teams during investigations to understand incidents and support technical analysis of malicious cyber security events;

  • Work with the Counter Threat Automation (CTA) team on automation of process for malware analysis;

  • Build tools to support malware analysis and work with the CTA team to integrate them;

  • Communicate effectively with business executives, technology specialists, and vendors.

Minimum Qualifications

1. A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; or,

2. Education and/or experience which is equivalent to "1" above.

Preferred Skills

The preferred candidate should possess the following:

  • 4+ years experience as a Malware Analyst

  • A solid understanding of how malware interacts with different operating systems

  • A solid understanding of dynamic/static analysis of malware

  • Understand unpacking, deobfuscation, and anti-debugging techniques

  • Reconstruct unknown file formats & data structures

  • Experience with reverse engineering tools such as IDA Pro, WinDbg, OllyDbg, Immunity Debugger or similar

  • Strong knowledge of C/C++, Windows API, and Windows OS internals

  • Experience in creating malware analysis tools and scripts for accelerating automated malware analysis, unpacking, and extracting data

  • Understand network protocols and common ways they are employed in attacks

  • Knowledge of incident response, investigations and crisis management

  • Knowledge of both host based forensics and network based forensics

  • Intermediate experience programming in Python and willingness to learn new languages as needed

  • Understand source code, hex, binary, regular expression, data correlation, and analysis such as firewall, network flow, and system logs

  • Ability to write technical reports

  • Experience in interacting with major government agencies and authorities around the world

  • Experience in safely and legally maintaining a network for collection of threat information

  • Experience reviewing and analyzing Security Events from various monitoring and logging sources

  • Previous experience working as a part of an IT Security team

  • Strong sense of teamwork, an inquisitive mind and the desire to share knowledge

  • Demonstrated work that is reviewable: i.e. GitHub/Bitbucket/GitLab repositories or portfolio site

  • Preferred certifications: GREM, GCIA, GCIH.

Public Service Loan Forgiveness

As a prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. For more information, please visit the U.S. Department of Education's website at https://studentaid.gov/pslf/

Residency Requirement

New York City Residency is not required for this position

Additional Information

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.

